ISO 9001:2015 MANAGEMENT SYSTEMS - Compass Assurance Services · compass assurance services pty ltd iso 9001:2015 management systems - requirements self-assessment checklist note:

COMPASS ASSURANCE SERVICES PTY LTD

ISO 9001:2015 MANAGEMENT SYSTEMS - REQUIREMENTS SELF-ASSESSMENT CHECKLIST

NOTE: THIS IS A SIMPLIFIED SUMMARY OF THE REQUIREMENTS OF ISO 9001:2015 QUALITY MANAGEMENT SYSTEM – REQUIREMENTS FOR THE SPECIFIC PURPOSE OF HELPING ORGANISATIONS UNDERTAKE A PRELIMINARY CHECK OF THEIR READINESS FOR AN ISO 9001:2015 AUDIT OR ASSESSMENT.

ISO 9001:2015 Quality Management SystemsRequirements Self-Assessment Checklist 2

REQUIRED DOCUMENTED INFORMATIONDocumented information needed to be maintained by you for the purpose of establishing the QMS(a) The scope of the QMS (clause 4.3)(b) Documented information to support the operation of

processes (clause 4.4)(c) The Quality Policy (clause 5)(d) The quality objectives (clause 6.2)

UNDERSTANDING THE ORGANISATION AND ITS CONTEXT(a) Have we determined external and internal issues relevant to the QMS

achieving its aim(b) Do we monitor and review these issues

DETERMINING THE SCOPE OF THE QUALITY MANAGEMENT SYSTEMHave we determined the boundaries of the QMS when establishing its scope. Did we consider:(a) external and internal issues(b) the requirements of relevant interested parties(c) our products and/or services

Have we documented the scope?Have we considered this standard and have we justified any exclusion?

4.1QUALITY MANAGEMENT SYSTEM

4.2 UNDERSTANDING THE NEEDS AND EXPECTATIONS OFINTERESTED PARTIES(a) Have we determined what interested parties are relevant to the QMS and

what are their requirements(b) Do we monitor and review this

4.3


4.4 QUALITY MANAGEMENT SYSTEM AND ITS PROCESSESHave we determined(a) the processes for the system and how they are to be applied(b) the inputs and outputs for those processes(c) how processes interrelate(d) methods to operate and control processes(e) resources and their availability and responsibilities

Have we evaluated risks and opportunities, processes and their implementationAs necessary, have we got documented information, that gives us confidence that we are carrying out activities as planned?


5.1 LEADERSHIP AND COMMITMENTCan we demonstrate top management is providing leadership and commitment to the QMS including taking accountability for:(a) the QMS(b) policy and objectives being compatible with strategy(c) integration of the QMS into business systems(d) promoting process and risk approach(e) ensuring the QMS is resourced(f) communicating the QMS(g) ensuring the QMS achieves its intended results(h) promoting improvement(i) supporting others

5.1.2 CUSTOMER FOCUSCan we demonstrate that top management actively provides leadership by ensuring:(a) customer requirements and applicable statutory and

regulatory requirements are determined and met(b) risks and opportunities that can affect the products and

services are determined and addressed(c) customer satisfaction determined, maintained and

enhanced

5.2 QUALITY POLICYHave we ensured the Policy(a) is appropriate to the organisation(b) has a commitment to meet requirements and continually improve the

system(c) has a framework to set objectives(d) is communicated and understood(e) available as documented information(f) available to interested parties as appropriate

5.3 ORGANIZATIONAL ROLES, RESPONSIBILITIES AND AUTHORITIESHave we assigned and communicated responsibilities and authorities to ensure:(a) the QMS conforms to the standard(b) processes deliver their outputs(c) reporting on the performance of the QMS to top management(d) promotion of customer focus throughout the organization


6 PlanningACTIONS TO ADDRESS RISKS AND OPPORTUNITIESHave we determined the risks and opportunities that need to be addressed to: (a) assure the QMS achieves its intended results(b) avoid or mitigate negative effects, enhance positive effects(c) achieve improvement

Have we planned:(a) actions to address these risks and opportunities(b) how to integrate these actions into the QMS

QUALITY OBJECTIVES AND PLANNING TO ACHIEVE THEM6.2

In planning how to achieve our quality objectives, have we determined(a) what will be done(b) what resources will be required(c) who will be responsible(d) when it will be completed(e) how the results will be evaluated

PLANNING OF CHANGESWhere we need to make changes to the QMS is it planned and do we consider:(a) the purpose and potential consequences(b) the integrity of the QMS(c) the availability of resources(d) changes to responsibilities and authorities

6.1

6.2.1 Have we established quality objectives at relevant functions andlevels and are they:(a) consistent with the policy(b) measurable, monitored, communicated and updated as

appropriate(c) relevant to conformity of products and services and the

enhancement of customer satisfaction and take into accountall applicable requirements

Do we retain documented information on the quality objectives?

6.2.2

6.3


RESOURCES 7 Support7.1

7.1.1 GeneralHave we determined and provide the resources needed for the QMS? Have we considered(a) the capabilities of, and constraints on existing resources(b) what needs to be obtained from external providers

7.1.2 PeopleHave we provided the persons necessary for the QMS

Infrastructure Do we provide and maintain the necessary infrastructure (such as buildings, technology, equipment)

7.1.3

7.1.5

7.1.4 Environment for the operation of processesDo we provide and maintain the environment necessary for operations (such as temperature, humidity, ergonomics and cleanliness).

Monitoring and Measuring Resources Have we ensured that the resources provided: (a) are suitable for the specific type of monitoring and

measurement activities being undertaken(b) are maintained to ensure their continued fitness for their

purposeHave we retained appropriate documented information asevidence?Have we processes in place to(a) verify or calibrate measurement instruments against reliable

standards(b) identify measurement instruments in order to determine

their calibration status(c) safeguarded measurement instruments from adjustments,

damage or deteriorationHave corrective actions been undertaken when issues arise with measurement instruments


COMPETENCEDo we (a) determine the necessary competence of person(s) that could affect the

QMS(b) ensure that these person(s) are competent on the basis of appropriate

education, training, or experience(c) take actions to access the necessary competence where applicable(d) retain appropriate documented information as evidence of competence

7.2

AWARENESSHave we ensured that person(s) doing work under the control of our business are aware of(a) the quality policy and relevant quality objectives(b) their contribution to the effectiveness of the QMS, including the benefits

of improved quality performance(c) the implications of not conforming with the quality management system

requirements

7.3

COMMUNICATIONHave we determined the internal and external communications relevant to the QMS including: (a) what will be communicated(b) when to communicate(c) with whom to communicate(d) how to communicate(e) Who communicates

7.4

7.1.6 ORGANIZATIONAL KNOWLEDGEHave we determined and made available the knowledge necessary for (a) the operation of our processes and(b) achieving conformity of products and servicesDo we determine how to access additional knowledge foraddressing change in our business


Control of documented InformationDo we ensure documented information required by the QMS are controlled to ensure: (a) it is available and suitable for use(b) it is adequately protected

Do we take into consideration these factors(a) distribution, access, retrieval and usage(b) storage and preservation(c) version control(d) retention and disposition(e) external documents are identified as appropriate, and

controlled.

7.5 DOCUMENTED INFORMATION

7.5.1 GeneralDoes our QMS include (a) documented information required by the standard(b) documented information necessary for the effectiveness

of the QMS

Creating and updatingDo we ensure we have(a) identification and description (such as a title, date,

author, or reference number)(b) review and approval

7.5.3

7.5.2 Creating and updatingDo we ensure we have(a) identification and description (such as a title, date,

author, or reference number)(b) review and approval


OPERATIONAL PLANNING AND CONTROLHave we planned, implemented and controlled our processes Have we(a) determined the requirements for our products and services(b) established criteria for the processes and the acceptance of products and

services(c) determined the resources needed(d) implemented controls(e) retained documented information as necessary to demonstrate processes

have been carried out effectively and product conformance(f) planned changes and reviewed issues,(g) ensured that outsourced processes are controlled

8.18 Operation

8.2 REQUIREMENTS FOR PRODUCTS AND SERVICESCustomer communicationHave we established processes for communicating with customers about: (a) our products and services(b) enquiries, contracts or orders(c) feedback including complaints(d) handling their property(e) contingency processes

8.2.1

8.2.2 Determining requirements related to products andservicesFor our products and services have we determined the following requirements:(a) applicable statutory and regulatory(b) those we feel are necessaryCan we meet the claims for the products and services weoffer?


8.2.3 Review of requirements related to products and servicesBefore committing to supply do we ensure we can meet: (a) requirements specified by the customer(b) requirements necessary for intended use(c) requirements specified by us(d) statutory and regulatory requirements(e) contract or order requirementsDo we(a) ensure that contract or order requirements differing from

those previously defined are resolved(b) confirm requirements before acceptance of the order(c) retain documented information as applicable describing

the results of the review, including any new or changedrequirements for the products and services

Changes to requirements for products and servicesHave we(a) ensured that documented information is amended and

that relevant personnel are made aware of the changedrequirements when requirements for products and servicesare changed

8.2.4

8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

8.3.2

8.3.1 GeneralDo we have a design and development process for products and services that are appropriate

Design and Development planning In determining the stages and controls for design and development, have we considered: (a) the nature, duration and complexity of the activities(b) stages including review(c) verification and validation(d) responsibilities and authorities(e) internal and external resources(f) involvement of customer and user groups(g) the subsequent production process(h) documented information required


8.3.3 Design and development InputsHave we considered: (a) functional and performance requirements(b) similar designs(c) statutory and regulatory requirements(d) standards or codes of practice(e) potential consequences of failure due to the nature of the products

and servicesHave we ensured inputs are adequate, complete, and unambiguous and all conflicts are resolvedHave we retained documented information on design and development inputs

Design and development controls Do our controls ensure(a) the results to be achieved are defined(b) reviews are conducted to ensure designs will meet requirements(c) verification is conducted to ensure that design outputs will meet the

defined inputs(d) validation ensures products and services are capable of meeting the

specified requirements or intended use(e) actions are taken on problems(f) documented information of these activities is retained.

8.3.4

8.3.5 Design and development outputsHave we ensured that outputs:(a) meet the input requirements(b) are adequate for production(c) reference monitoring and measuring requirements, and acceptance

criteria, as applicable(d) specify the characteristics of the products and services that are

essential for their intended purpose and their safe and proper useHas documented information of outputs been retained


8.3.6 Design and development changesDo we ensure there is no adverse impact on conformity when changes are made during design and developmentDo we keep documented information on (a) design and development changes(b) results of reviews(c) authorisation of changes(d) Actions taken to prevent adverse impacts

CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES8.48.4.1 General

Do we ensure that externally provided processes, products, and services conform to specified requirements and do we apply appropriate controls when: (a) products and services are provided by external providers

for incorporation into our products and services(b) products and services are provided directly to the

customer(s) by external providers on our behalf(c) a process or part of a process is provided by an external

providerHave we established and applied a criteria for the(a) evaluation(b) selection(c) monitoring(d) re-evaluation of external providers

Do we retain appropriate documented information

8.4.2 Type and extent of controlDo we (a) ensure externally provided processes are controlled within

our QMS(b) define controls over the process and the output(c) consider impacts to meet statutory and client requirements(d) determine verification requirements


8.4.3 Information for external providersHave we communicated to external providers our requirements related to:(a) the processes, products or services to be provided(b) approval or release of products and services, methods,

processes or equipment(c) competence of personnel, including necessary

qualifications(d) their interactions with us(e) control and monitoring we require(f) verification activities to be performed at their premises

8.5 PRODUCTION AND SERVICE PROVISIONControl of production and service provision Is production undertaken under controlled conditionsThis may include (as applicable)(a) documented information about the products and services

or activities to be performed(b) monitoring and measurement activities(c) infrastructure and environment(d) the availability and use of suitable monitoring and

measuring resources(e) competent persons(f) actions to prevent errors(g) release, delivery and post-delivery activities

8.5.1

8.5.2 Identification and traceabilityDo we identify outputs where it is necessary to ensure conformity? Do we identify the status of outputs?Do we control the unique identification of outputs where traceability is required?Do we retain documented information necessary to maintain traceability?


8.5.3 Property belonging to customers or external providersDo we exercise care with property belonging to the customer or external providers?Have we identified, verified, protected and safeguarded the customer’s or external provider’s property?When property of the customer or external provider is lost or damaged do we report to the provider and keep documented information on what occurred?(includes materials, components, tools and equipment, customer premises, intellectual property and personal data)

Preservation Do we ensure preservation of process outputs during production to maintain conformity to requirements? (can include identification, handling, packaging, storage, transmission or transportation and protection)

8.5.4

Post-delivery activities Do we meet requirements for post-delivery activities associated with the products and services (Post-delivery activities can include warranty, contractual obligations, maintenance services, recycling or final disposal)

Do we consider: (a) statutory and regulatory requirements(b) the potential undesired consequences associated with

our products and services(c) the nature, use and intended lifetime of our products and

services(d) customer requirements and feedback

8.5.5

8.5.6 Control of changesDo we review and control changes in production to ensure continuing conformity with requirementsDo we retain documented information of the review of changes to production including authorisation and any necessary actions


8.6 RELEASE OF PRODUCTS AND SERVICESDo we have planned processes at appropriate stages of production to verify that requirements have been metDo we ensure product is not released until this is completedDo we retain documented information of evidence of conformity with the acceptance criteria and traceability to persons authorizing release

CONTROL OF NONCONFORMING OUTPUTSDo we ensure product that does not conform to requirements are identified and controlled to prevent their unintended use or delivery Do we take appropriate corrective action Do we deal with nonconforming products in one or more of the following ways: (a) correction(b) segregation, containment, return or suspension of production(c) informing the customer(d) obtaining authorization for acceptance under concessionDo we re-verify when products are corrected?Do we retain documented information describing the non-conformance, actionstaken, concessions obtained and authorisations

8.7


9 Performance EvaluationMONITORING, MEASUREMENT, ANALYSIS AND EVALUATION9.19.1.1 General

Have we determined(a) what needs to be monitored and measured(b) the methods(c) when monitoring and measurement is to be done(d) when results will be analysed and evaluatedDo we evaluate the effectiveness of the QMSDo we retain documented information of this

9.1.2Customer satisfaction Do we monitor customer perceptions

(this can include customer satisfaction surveys, customer feedback, market-share analysis, compliments, warranty claims and dealer reports)Have we determined how we will obtain, monitor and review this information

9.1.3 Analysis and evaluationDo we analyse and evaluate appropriate data Do we use the results to evaluate(a) product conformity(b) customer satisfaction(c) the performance and effectiveness of the QMS and any

improvements needed(d) if planning has been implemented effectively(e) the effectiveness of actions taken to address risks and

opportunities(f) external providers


INTERNAL AUDIT9.29.2.1 Do we conduct internal audits at planned intervals to ensure

the QMS:(a) Conforms to our requirements(b) Conforms to the requirements of 9001:2015(c) Is effectively implemented and maintained

9.2.2 Have we:(a) planned and implemented an effective audit program(b) defined the criteria and scope for each audit(c) selected auditors to ensure objectivity and impartiality(d) ensured that the results are reported to relevant

management(e) taken necessary correction and corrective actions without

undue delay(f) retained documented information


9.3.3 Outputs(a) opportunities for improvement(b) changes to the QMS(c) resourcesDo we retain documented information as evidence of the results of management reviews

9.3 MANAGEMENT REVIEW

9.3.1 Does our top management review our QMS at plannedintervals

9.3.2 Inputs(a) the status of actions from previous management reviews(b) changes in external and internal issues relevant to the

QMS(c) information on the QMS including

− customer satisfaction and stakeholder feedback− quality objectives performance− product performance and conformity− nonconformance and corrective action− monitoring and measurement including audits− external providers− process performance and conformity of products

and services; (d) adequacy of resources(e) actions taken regarding risk and opportunity(f) improvement


10 Improvement10.1 GENERAL

Have we determined and selected opportunities for improvement and implement necessary actions including: (a) improving products and services(b) correcting, preventing or reducing undesired effects;(c) improving the performance and effectiveness of the QMS

NONCONFORMITY AND CORRECTIVE ACTION10.2When a nonconformity occurs, including complaints, do we: (a) react to the nonconformity, and as applicable:

− take action to control and correct it− deal with the consequences

(b) evaluate the need for action to eliminate thecause(s) by:− reviewing and analysing− determining the causes − determining if similar nonconformities exist,

or could potentially occur(c) implement any action needed(d) review the effectiveness of any corrective action

taken(e) make changes to the QMS if necessary

10.2.1

10.2.2 Have we retain documented information as evidence of:(a) the nature of the nonconformities and any

subsequent actions taken(b) the results of any corrective action


10.3 CONTINUAL IMPROVEMENTDo we (a) continually improve the effectiveness of the QMS(b) consider the outputs of analysis and management reviews to

identify opportunities for continual improvement(c) encourage Compass Assurance Services to keep improving and

remain a valuable partner to us

Documents

ISO 9001:2015 MANAGEMENT SYSTEMS - Compass Assurance Services · compass assurance services pty ltd iso 9001:2015 management systems - requirements self-assessment checklist note: